US9075986B1ActiveUtility
Systems and methods for software application security management
Est. expiryOct 19, 2026(~0.3 yrs left)· nominal 20-yr term from priority
G06F 21/52H04L 63/10G06F 21/62G06F 21/45H04L 63/20G06F 21/31G06F 21/121G06F 21/50G06F 21/6245G06F 2221/2141G06F 21/554H04L 63/105G06F 2221/2149G06F 21/577G06F 21/53G06Q 20/4012H04L 63/0846
83
PatentIndex Score
6
Cited by
4
References
17
Claims
Abstract
Apparatus and method for managing password information associated with a service account are disclosed. In some embodiments, a service account management system is configured to include a security account utility and a password information data store. In some embodiments, a security account utility is used when registering, tracking, and adjusting password change information. In some embodiments, notification of a password change date is transmitted to a service account owner and a security auditor for enforcement. Use of a security account management system with a middleware application is also disclosed.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. An apparatus for security management, comprising:
a subsystem including a service account including access information associated therewith; and
a service account management system configured to assess a risk for the service account, wherein the risk includes an operational risk level and a security risk level, the service account management system comprising:
a service account utility configured to include service account application code to communicate with the service account and to register a password change date associated with the access information;
a security record data store configured to retain a security record including an identifier associated with the service account and the password change date; and
a notification module configured to periodically check the security record for updated information and compliance with a security policy based on the operational risk level and the security risk level, and notify a user of the service account when the security record needs to be updated to comply with the security policy.
2. The apparatus of claim 1 , wherein the service account management system is configured to provide audit information associated with the password change date.
3. The apparatus of claim 1 , wherein the service account is coupled to a module including process code through a middleware application manager.
4. The apparatus of claim 1 , wherein the service account management system is configured to track the password change date using the service account utility.
5. The apparatus of claim 1 , wherein the service account utility is configured to process the password change date to generate another password change date.
6. A non-transitory machine-readable medium comprising machine-readable instructions that are executed by a processor to perform a security management method, comprising:
associating, via a service account management system, a service account module with an adjustable timestamp;
assessing, via the service account management system, a risk for the service account module, wherein the risk includes an operational risk level and a security risk level; wherein the service account module includes access information; and wherein the service account management system includes:
a service account utility configured to include service account application code to communicate with the service account module and to register a password change date associated with the access information;
a security record data store configured to retain a security record including an identifier associated with the service account module and the password change date; and
a notification module configured to periodically check the security record for updated information and compliance with a security policy based on the operational risk level and the security risk level, and notify a user of the service account module when the security record needs to be updated to comply with the security policy.
7. The machine-readable medium of claim 6 , wherein the service account module is coupled to another module including process code through a middleware application manager.
8. The machine-readable medium of claim 6 , wherein the service account management system is configured to track the password change date using the service account utility.
9. The machine-readable medium of claim 6 , wherein the service account utility is configured to process the password change date to generate another password change date.
10. The machine-readable medium of claim 6 , wherein the service account management system is configured to provide notification of a pending password change date to a user.
11. A system for message delivery, the system comprising:
a processor;
a storage device having instructions contained therein which are executed by the processor to:
use a service account management system to associate a service account module with an adjustable timestamp and assess a risk for the service account module, wherein the risk includes an operational risk level and a security risk level;
wherein the service account module includes access information; and
wherein the service account management system includes:
a service account utility configured to include service account application code to communicate with the service account module and to register a password change date associated with the access information;
a security record data store configured to retain a security record including an identifier associated with the service account module and the password change date; and
a notification module configured to periodically check the security record for updated information and compliance with security policy based on the operational risk level and the security risk level, and notify a user of the service account module when the security record needs to be updated to comply with the security policy.
12. The system of claim 11 , wherein the service account management system is configured to provide audit information associated with the password change date.
13. The system of claim 11 , wherein the service account module is coupled to another module including process code through a middleware application manager.
14. The system of claim 11 , wherein the service account management system is configured to track the password change date using the service account utility.
15. The system of claim 11 , wherein the service account utility is configured to process the password change date to generate another password change date.
16. The system of claim 11 , wherein the service account management system is configured to provide notification of a pending password change date to a user.
17. The system of claim 11 , wherein a password maintenance schedule is generated based on the security policy.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.